Small Business Network Security Checklist

In today’s business environment, cybersecurity is a crucial concern regardless of a company’s size. The impact of a security breach might result in the destruction and closing of a smaller-sized firm if they lack the resources for considerable damage control. Because of this, every company needs to take the proper precautions to safeguard critical data from unauthorized users, no matter how small or large.

This checklist will help you to stay on top of your network security and avoid the most common mistakes. Download it now.

 

What is Network Security, and Why is it Important?

The internet is a fantastic resource for modern enterprises. Instead of a room full of old filing cabinets, a searchable database is available worldwide and across all wireless networks. Nowadays, we can even attend a video meeting and get the same results without the need to fly to another location for the same in-person meeting.

However, even though we now have a lot of new conveniences, business networks are even more exposed to vast, complex security threats. Every time a new program or a piece of hardware is put into use, there is a chance for online hackers to break in and steal sensitive data from a person or company.

Businesses must ensure they are effectively controlling their network security if they want the convenience of the internet and the much-needed security. Even though doing a network security audit can be stressful, companies should still do them if they want to keep their data as secure as possible.

We’ve created a brief security and audit checklist below to make things simpler and to help prevent cyber-attacks.

1. Use Antivirus and Anti-malware

Anti-malware and antivirus software safeguards you from any unwanted programs installed on your network, including viruses, trojans, ransomware, spyware, and worms. These may reach your system through a corrupted file or link, another infected device, or a combination of the two.

Cybercriminals create malware, or malicious software, to infect your machines for various reasons. For example, ransomware encrypts your files so that you become locked out and are forced to pay the attackers price to access your crucial business data. Malware-based cyberattacks of other kinds could even seize control of your network and use it for a DDoS (Denial of Service) attack or to harm your system directly.

Anti-malware software inspects files as they enter your network and periodically scans the files already on your machine to check for either errors or damaged files. The software will then quarantine or remove any suspicious files if they are found.

2. Regular Software Updates

Software updates are highly likely to include fixes for known security vulnerabilities and performance enhancements. Delaying these updates could prevent you from receiving the patches for known security flaws, putting your data in danger and enabling hackers to access your system.

Consider purchasing patch management software if your network consists of various devices that require updates, such as network equipment like routers or office PCs.

3. Use Strong Passwords

Did you know that weak password security is believed to be the source of 81% of data breaches? By using secure passwords, you can stop hackers from accessing your system. Make sure to change the default password to a secure one when you first receive a device or install any software.

Using default passwords makes it easy for hackers to access your system. Develop a plan to update the password frequently to ensure your devices are always protected.

Make sure your employees understand what a strong password looks like, urge them to follow your company’s password policy, and utilize two-factor authentication on their work devices to stay on the same page.

4. Firewalls

Firewalls use a set of rules to regulate the traffic entering and leaving your network. They are the barrier separating your secure internal network from the unidentified outside network. Firewalls can stop unauthorized traffic from entering your internal network by monitoring the traffic and blocking it.

Additionally, firewalls segment the network to divide traffic into smaller groups that are easier to manage. There are various kinds of firewalls, including proxy firewalls, stateful firewalls, Unified Threat Management (UTM) firewalls, packet-filtering firewalls, Next-Generation Firewalls (NGFW), and so on.

5. Data Loss Prevention (DLP)

Data Loss Prevention (DLP) software scans your network for sensitive data being transported and stored to prevent leaks. Suppose your business has a BYOD (Bring Your Own Device) policy. In that case, for employees who either work remotely or if you keep their data stored in the cloud, data loss prevention solutions become more critical.

DLP solutions safeguard your data by keeping an eye on the network to ensure that users aren’t flouting the rules you’ve set for sensitive data, including sending it to a risky network or making an unauthorized copy. DLP systems do this by continuously monitoring, tracking, and logging where your sensitive data are. This lowers the possibility of accidental mistakes.

6. Managing User Accounts and Remote Access

Limit account permissions to the minimum amount necessary for the user to perform their job. Only utilize administrator accounts when necessary to make changes to the administration. Ensure that only the administrator account has access and each employee has a distinct account with their login information. That remote access is only permitted through a Virtual Private Network (VPN). If at all possible, make your system’s access subject to multi-factor authentication. Also, be sure to remove a former employee’s account as soon as they exit the company.

Since remote work and BYOD policies are the standards for most firms these days, this is even more crucial. Implementing these regulations may encourage users to be more lenient with their data, which could put your company at significant risk. You must take precautions to preserve the integrity and security of your data, including developing a tight policy restricting access to only what’s required for personnel to do their duties.

7. Data Recovery Plan (DRP)

It’s necessary to keep your data safe from illegal and unwanted access, but it’s also crucial to have a disaster recovery plan in case your data is lost. Sometimes, rather than stealing information, the goal of a cyberattack is to just disrupt a business. Do you have a backup copy of all your crucial data in case it gets corrupted or disappears entirely?

To ensure they are not missed and that your backups contain the most recent files, backups should be encrypted and automatically scheduled. Several backup techniques, including onsite servers and cloud backup, provide an extra degree of security.

8. Phishing and Spoofing Messages

Phishing and spoofing perpetrators deceive recipients by sending false communications and other social engineering strategies. These frauds typically pose as trustworthy organizations trying to dupe victims into either downloading harmful files, clicking on dangerous links, or disclosing personal information.

Emails and SMS are two examples of text-based communication channels where spoofing and phishing are frequently used. Installing security solutions with anti-phishing features is strongly advised to help you avoid being a victim of spoofing and phishing. This function will notify you if a link or email’s sender raises any red flags.

On the rare chance that they manage to get past your anti-phishing defenses, you will still need to be vigilant when checking your email to prevent falling for a phishing scam. To enhance your employees’ awareness and attention when checking their inboxes, train your staff and have them participate in phishing scenarios.

9. Train your Workforce

The most crucial aspect of any network security plan is your end users (employees). Your users are your best line of defense, even if you have all the tools, systems, and regulations at your disposal.

When working from home, 47% of employees blamed distraction for their fallibility to phishing attacks. It’s time to train your entire crew to defend against all security threats since the average data breach cost has increased to about $4.64 million.

Ensure your end users understand the potential effects of a security breach on your business, their responsibility for securing company data, and how to protect themselves from malicious actors. To achieve this, you’ll need an excellent training program to instruct your users on how to raise their security levels and to be on alert for any suspicious activity.

10. Develop a Response for Security Breaches

A planned reaction during a breach can significantly enhance your company’s outcome. You’ll have a list of steps you need to follow to protect anything that hasn’t already been accessed rather than having to react immediately. Written instructions will guarantee you follow all the essential procedures to halt the attack from causing more harm and, if necessary, start the recovery process.

If you can act quickly and inform your clients about how it has affected their data security, it can also help you restore your reputation with them. Additionally, small business cyber security includes performing regular vulnerability audits to check your network for potential weak spots and fix them before a breach occurs.

 

Enhance Network Security with Protected Harbor

A layered strategy is required to protect your network’s security and prevent unauthorized access to sensitive data. By routinely inspecting your network security on all network devices, mobile devices, and other devices with internet access in your organization, you can be sure you are following these security best practices.

In addition to your security system, educating your staff about daily hazards and small business cybersecurity is crucial. Since remote work is the norm for most businesses these days, a more stringent training program is required to guarantee the security and protection of all company data.

Protected Harbor’s Network Engineers create a secure environment by building a network resistant to cyber-attacks and staying operational during emergencies. We use network monitoring tools to scan network performance, security, and compliance. We also troubleshoot issues, upgrade network hardware and software, and work with vendors to ensure new products meet the company’s security requirements.

A network vulnerability assessment from Protected Harbor will help your organization identify potential weaknesses and vulnerabilities in your current network setup.

A Protected Harbor security expert can assist with a free assessment for cybersecurity for small business and vulnerability test to determine your weak points. From there, we will build a plan that includes updates, new configurations, implementation, unlimited onsite support, and live monitoring services for a flat monthly rate to safeguard your network. Ready to get started? Speak to a professional that can assist you with your network and security needs.

IT Security Incident Affects Multiple Facilities Across CommonSpirit Health

One of the most significant health systems in the country, CommonSpirit Health, said that the IT security breach happened on Monday, October 3, 2022.

 

CommonSpirit Health, a faith-based healthcare organization, located throughout the Midwest, recently experienced an unfortunate security incident. At first glance, this security incident may appear innocuous since it only involved exposing sensitive patient information. However, the ramifications extend far beyond a breach of privacy.

In light of these developments, we have compiled a brief overview of the CommonSpirit Health IT security incident to help you identify potential vulnerabilities in your environment.

 

What Happened?

According to reports, a hack on CommonSpirit Health System that is still ongoing compromised facilities in Tennessee, Nebraska, and Washington. EHRs (Electronic Health Records) are currently among the offline IT systems, and patient visits have since been rescheduled.

The number of facilities impacted by the issue, which started on Monday, is still unknown, as is the number of patient records.

According to a statement from CommonSpirit, “as a result of this situation, we have rescheduled some patient visits in several of our communities.” If a patient’s appointment is impacted, their provider and care facility will contact them directly.

One of the largest health systems in the nation, based in Chicago, runs 142 hospitals and more than 2,200 care facilities throughout 21 states.

It stated, “We take our responsibility to safeguard patient privacy and IT security very seriously.”

According to CHI (Catholic Health Initiatives), the facilities are adhering to procedures for system failures and “[are] taking steps to minimize the disturbance.”

 

Why This Matters?

In 2019, Trinity Health and CHI merged to create CommonSpirit Health, a new nonprofit Catholic health system with a presence in 21 states.

According to The Chattanoogan.com in Tennessee, the hacking attack impacted the neighborhood of CHI Memorial hospital. According to the report, CHI officials said several patient procedures had to be rescheduled, and some systems had to be shut down.

The Virginia Mason Franciscan Health in Seattle has also stated that the outage has affected their systems. St. Joseph Medical Center in Tacoma is one of the hospitals and clinics in the Puget Sound region run by VMFH. Given this, patients could not access MyChart, an online patient portal.

CommonSpirit is one of several renowned nonprofit health systems reporting significant losses for the most recent fiscal year.

In 2022, the company recorded losses of $1.85 billion.

Wright Lassiter, formerly with Henry Ford Health, was recently named by
CommonSpirit as its new CEO and Lloyd Dean’s replacement.

 

Protected Harbor’s Take on the Matter

“An ounce of prevention is worth a pound of cure, right? Well, this holds true when it comes to cybersecurity as well as in the case of the CommonSpirit health incident. Even the most diligent and well-intentioned companies can be the victim of a data breach. With the GDPR in effect, it’s now a matter of public record if your data has been stolen.” – Richard Luna, CEO of Protected Harbor.

It is a proven fact that most cyberattacks happen due to negligence. Therefore, it is imperative to have a reliable security system to protect you from all sorts of online threats. At the same time, it is equally essential for you to keep your operating systems, antiviruses, firewalls, and patches up to date with the latest versions available. Without regular updates, your system can become vulnerable to cyber-attacks. Therefore, it is essential that you keep track of all the updates and install them at the right time.

MFA (Multi-Factor Authentication) and IAM (Identity Access Management) are the primary security requirements we suggest all businesses implement to have an extra layer of security.

Cybersecurity awareness should be an integral part of your business plan. It doesn’t matter if you are a large corporation or a small business; cybersecurity is critical for everyone.

For more information, check out a quick guide to proactive cybersecurity measures.

 

Final Thoughts

Unfortunately, many businesses are unaware of the significance a robust security plan has and thus remain vulnerable to cyber threats. If you are concerned about your business’s security and want a foolproof security plan, then hiring an expert can help you.

Protected Harbor offers a range of security services, including a Web Application Firewall (WAF), data breach response, email security, ransomware security, and cloud security to businesses of all sizes. We keep your data and systems secure, help you comply with regulations, and meet your documentation requirements. Our products are easy to use and come with 24/7 support.

Our focus on ease of use, transparency, and value for your dollar sets us apart from the competition. Protected Harbor is one of the best-reviewed cybersecurity providers. We have a 90+ Net Promoter Score.

Even if you feel you have a solid security plan, it can’t work if it’s not in use. A security audit of your network and systems is equally as important. With that being said, Protected Harbor is here to help and will be offering free cybersecurity assessments for all healthcare providers. Contact us today.

Your Smartphone Has Been Hacked If You Notice These Signs

Your smartphone is your constant companion. It’s your source of information, entertainment, and social interaction, all in one small device. Most people check their phones at least 20 times a day, which makes them an attractive target for hackers and cybercriminals.

However, security features on most smartphones have made it pretty tricky for hackers to break through and take control of the device without you knowing about it. That doesn’t mean you can let your guard down or give hackers any opportunity to breach your phone’s security measures.

It will help if you remain diligent in keeping from being hacked. If you see any signs indicating that you have been hacked, take action quickly before it has a chance to do further damage to your data and access more personal information.

 

What causes this to happen in the first place?

To hack into your phone, a person doesn’t necessarily need to be a hacker. While you’re sleeping, someone may bring your phone up to your face and unlock it. With only this one action, they can look through your smartphone secretly.

There is also software that accomplishes the task. Stalkerware is intended to follow you using your location, call logs, messages, photos, browsing history, and other methods. Behind another app that appears to be unimportant, this malware may be disguised.

Your phone may become infected by malicious links and files without your knowledge. Even seemingly innocent PDF files can contain dangerous information. Because of this, it’s crucial to click with caution.

How about apps? Unreliable downloads may mimic well-known applications or attempt to con you into downloading and using them. When you do this, malware is installed on your phone.

There is also a much more focused technique known as SIM swapping. The criminal disconnects your previous connection and transfers everything to the criminal’s device by calling your phone company, pretending to be you, and asking for a new SIM card.

 

Signs to Look Out For

How can you tell if your phone has been compromised? Here are some warning signs:

• Your phone is being slowed down by too many processes operating at once, or it can just be malware using up many resources as the sole offender. Your phone may become heated as a result of this.
• Your battery is depleting significantly more quickly than usual.
• Significant increases in data usage may be a symptom of malware like adware that operates covertly.
• Spammy pop-ups clearly indicate that a malicious program has been installed on your phone.
• Malware can cause your internet to slow down by diverting your traffic to risky servers or simply using up all of your capacity to steal more data from you or target other people.
• Off your phone, there may be some indications, such as emails you don’t recall sending or odd social media posts.

Tap or click here for Top 5 Email Scams You Need to Look Out for This Month.

 

How to stop hackers from getting onto your Smartphone?

A little work can go a long way in preventing malware and hackers from accessing your phone.

• To start, always maintain your phone’s security patches and updates. 
• Turn on two-factor authentication for each account that supports it. Read our comprehensive 2FA guide.
• Avoid clicking on shady or uninvited links. This includes emails, internet adverts, and messages from friends.
• Keep in mind that your home or business network is neither secure. For advice on how to secure it to keep snoops and bad guys out, tap or click here.

Conclusion

Take action right away if you discover any of these indicators that you’ve been hacked so the hacker can’t access more of your data or cause more damage. Your first step should be to power off your device and change your passwords, especially for social media accounts. Next, report the breach to your phone carrier and contact customer support to see what they can do to help. Finally, clean up your phone and make sure to keep your device protected in the future to avoid being hacked in the future.

Protected Harbor provides mobile security, data security, and identity protection. These services protect your company’s data, sensitive information, and valuable assets from cyber threats. In addition, we provide you with email and web security that blocks malicious content and stops data leaks. Our advanced threat protection gives you real-time protection against malware, ransomware, and other cyber threats. We also provide an integrated security operations center to monitor your network and devices, giving you complete peace of mind.

You can also contact our support team with questions or issues, and they’ll get back to you as soon as possible. With Protected Harbor, you can be sure that your company’s data is safe. So what are you waiting for? Secure your devices and network today! Contact us now.

Suffolk County Real Estate Industry Crushed by Cyberattack

Following a cyberattack on the Suffolk County government earlier this month, real estate transactions have come to a halt.

 

Since the cyberattack more than 20 days ago, verifying property titles and filing paperwork has been challenging, which has abruptly halted all deals in the county, according to The Real Deal. On September 8, The Suffolk Times reported that a breach by a group known as BlackCat knocked down county websites, servers, and databases.

It’s been stressful for real estate professionals in the New York area. While this may seem like just another insignificant cybersecurity issue, the implications are much deeper than we can see. In this post, we’ll dive into what happened, why it’s so concerning, and how to stay safe.

 

What Happened?

The Suffolk county cyber attack crippled the county clerk’s office, which is in charge of documenting paperwork and assisting with records searches for properties, and shut down the county’s internet systems last month.

Due to title companies’ inability to accurately scan county databases to confirm that the properties don’t have any liens, judgments, or other encumbrances to pass title, real estate closings have been postponed or canceled, especially on larger commercial acquisitions.

According to attorney David Rosenberg of Garden City-based Rosenberg Fortuna & Laitman, “After the Suffolk county hack, delay in restoring access to the county’s real estate records, which had been available online before the hack, is causing many title companies to withhold final clearance that would allow closings to occur.”

The ability to ascertain whether new liens, encumbrances, or property transfers have been recorded between the first title report and the closing depends on these documents. In more recent deals, it causes the title company to postpone the initial title report, which makes it impossible for lawyers, purchasers, borrowers, and lenders to close any sizeable transactions confidently.

According to The Suffolk Times, a hacker collective known as BlackCat took responsibility for the suffolk county data breach and demanded payment to allow users back into government servers. The hackers say they have taken four gigabytes of information, including information on specific citizens, from the clerk.county.suf domain.

 

What this Means?

Deals have slowed to a trickle since neither banks nor buyers can confirm that titles are clean — that is, the property is free of liens and that the seller is the legal owner and only owner — without checking the property out on county websites.

The process of filing claims is another problem. While some records supplied by hand are being accepted and preserved in chronological order, they won’t be officially on file until the systems are operational. Since New York is a “rush to record” state, the first party to file a title claim is the one whose claim is considered; hence incorrect document filing could result in significant issues.

According to Attorney Howard Stein, head of the Real Estate Practice Group at East Meadow-based Certilman Balin Adler & Hyman, the damage will increase exponentially. “New title reports cannot be created, and as a result, newly signed transactions are completely blocked.” The economic implications could be disastrous if a solution cannot be found.

Some title insurers have been forced to add an exception to their Schedule B list of things they cannot insure due to the closure of county systems. This exception now states that they will not cover “any defect, lien, encumbrance, adverse claim, or other matter created by or arising out of the inaccessibility of the Office of Suffolk County, including, but not limited to, an inability to search the public records, or any delay in recording of documents in the public records.”

According to Linda Haltman of Plainview-based Hallmark Abstract Services, “If they were in process before the hack and all of the title searches were done, they have been closing,”  “Underwriters are letting sellers sign affidavits if the searches have already been conducted, with the exclusion of unoccupied land, new development, and foreclosures.”

Haltman warns that delays in closing can become costly given the fast-increasing mortgage rates.

“Delays in being able to close could be costly without an extension of a rate lock-in term,” she warned. “It could cost an extra $5,000 upfront to pay down the rate on a mortgage for a $500,000 house.”

 

Protected Harbor’s Take on the Matter

On September 8, websites and web-based apps for Suffolk Government were shut down after officials discovered malware in county systems. Images of county documents were posted as ransomware on the website DataBreaches.net. The hackers claimed to have taken court records, sheriff’s office records, contracts with the state, and citizen personal data from the county clerk’s website.

“An immediate resolution to this issue is critical, as there will be an increasing number of damages as a result of the shutdown,” Protected Harbor CEO Richard Luna said.

Earlier, most small and mid-sized enterprises were unaware of the importance of cybersecurity. However, with the increasing number of cyber-attacks, it has become imperative for all enterprises to invest in cybersecurity. As a company that provides enterprise-grade software, we have always ensured that all our products are secure.

 

Tips to Fight Against Ransomware

1. Desktop/Network & Backup Isolation
   

   The first step in a new network design is to limit through segmentation of the network. Desktops, Servers, and the backup should all be on separated and isolated networks. Using this approach, an infected desktop will not be able to access the backups and will not infect the backups.

2. Virtualization
   

   We can accomplish desktop and network isolation using virtualization. Virtualization allows you to back up the entire desktop, not just shared folders, databases, or scanned folders, but all folders. This means we can recover the whole office, and not pieces of the office.

3. Email & Web Filtering
   

   Filtering email and web content is an integral part of the Ransomware defense. Good email filtering should include pattern recognition. The initial Ransomware attacks follow a template, and when properly configured, email filtering systems block or quarantine the attack.
   

4. Enable network monitoring
   

   Network monitors can alert and warn on unusual traffic or traffic that is typical of an attack; for example, if specific information is transmitted out of the network, that would trigger an alert.

5. Geo-Blocking
   

   Maintain enhanced network protection that includes active parameter checking and Geo-Blocking. For example, check the address of inbound requests, and if the IP is from a blocked country, then the traffic is blocked even before it reaches the client’s network.

Continue to read in detail how to protect yourself against ransomware attacks.

 

Final Thoughts

Cyber threats are increasing daily, and it is essential to stay protected against them. It is impossible to avoid cyber threats altogether, but we can stay protected by following specific steps and implementing the best cybersecurity practices.

Protected Harbor offers a range of cybersecurity products and services that protect your business against all types of malware, ransomware, and other cyber threats. It also ensures data integrity, regulatory compliance, and system availability.

The Ransomware solution is highly scalable and can be deployed on-premises or in the cloud. It is easy to set up and maintain, with no technical skills required. The solution comes with a 24/7 support team that will resolve any issues quickly and efficiently. We are committed to protecting all types of businesses and organizations, offering products and services that are both affordable and easy to use.

We believe there is no better time than now to invest in cybersecurity, as it is the only way to stay ahead in this highly competitive and ever-changing digital world. October is our Annual Cybersecurity Month; we’ll be posting security blogs and videos to keep you protected. Get in touch with our expert and get a free IT Audit today.

WELCOME TO CYBERSECURITY MONTH!

Cybercrimes & Everything You Need to Protect Your Business

Why Is Cybercrime So Dangerous and Can You Be Safer? 

If you are a small business using an off-the-shelf software, I’m sorry to inform you that you are at a higher risk of becoming a victim of cybercrime. We have all, at some point, received phishing emails or have been asked for personal information via our work email from people asking for something out of the ordinary. Most employees have work and personal information on either their company websites or social media. It’s one thing for your business to get scammed, but these bad actors will also go after your clients putting your reputation and business at risk. Fortunately, there are some things that you can do to keep yourself safer.

Social Media Risks

A criminal hacker can target any employee who uses social media. It’s fairly dangerous, but we at Protected Harbor have some tips. We harden our clients’ networks and run employee training all the time. The best thing to tell your employees is to not post anything online that you would not say to your competitors or your manager.

Several social networking sites, such as LinkedIn, allow users to post their resumes. Information concerning one’s work can reveal too much about one’s personal life, giving criminals such as hackers information that may enable them to hack into one’s account. Identity theft can also be committed using resume information.

The privacy settings on most social networking sites are either pre-set or default. Suggest your staff make an effort to alter their privacy settings to block strangers and people who are not friends with them from viewing their private information.

 

Protecting Yourself from Spyware and Viruses 

Think about utilizing safe search online browsing software, frequently included in antivirus software complete editions. This software often uses a red, yellow, or green dot next to the links on the search engine. This aids in warning employees of potentially harmful websites.

Never download a torrent file or a software crack, and never download any file that doesn’t come from a reliable website. These frequently include malware. Also, do not click on any pop-up windows that you are not expecting. Instead, either close the window or get out of your browser completely.

Most importantly, make sure that you are updating your OS’s security patches and always have the latest version of your web browser installed. It sounds simple, but companies like Windows Defender push patches and updates daily to fix vulnerabilities. If you are not fast enough in updating the software, a hacker will use it as an entry point into your system.

 

Understanding Social Engineering

Generally, social engineering involves some type of deception to gather information to commit fraud or gain access to a computer. For instance, our google account uses Meta for Business to run our Facebook Page. Often, we will get a general email to our work email claiming our ads were blocked or taken down due to a violation. It would be tempting to open the email and click on such a link if we actually ran ads there.

Do you know what typosquatting is? Pay attention to the spelling of website addresses. They may resemble a real website, but instead, they are misspelled, for example, GOOGLE.com vs. G00GLE.com.

Any email including an offer of any kind should raise suspicions, especially if it seems too good to be true. The same applies to receiving offers from social media or reputable internet businesses, like Facebook and Google.

 

Caller ID Spoofing; What You Need to Know

“ID spoofing,” is another cybercrime you must be aware of. These days, a random phone call is more likely than ever to be a scammer. Criminals can fool people by hiding their information using “spoofing.” Spoofing disguises, the telephone number from which a text is sent by creating a new one. Phony numbers with the same area code are often used to persuade recipients to answer. The scary thing for businesses is that they can make it look like your number, and call clients.

All of your business numbers and extensions represent assets that you need to protect. Software like IntelePeer and Hiya Connect Secure Call can stop scammers from mimicking your phone numbers, regardless of how many lines and extensions you have in your internal network.

 

Is Public Wi-Fi Safe?

Unfortunately, public Wi-Fi is not secure. Several security risks are associated with using a public Wi-Fi. These networks broadcast signals through radio frequencies, which means that anyone who has the right tools, and these tools are fairly easy to find, can intercept the data that is sent through it.

To protect yourself when using public Wi-Fi, you should use either a remote desktop or virtual desktop. DO NOT USE A VPN!

A VPN (Virtual Private Network) helps you establish a private network while using any public networks. While beneficial to provide access to employees and third parties, this access is open-ended and unsecure. All security capabilities are lost when granting third parties’ remote access via VPN. VPNs lack access controls and session monitoring, both effective means of security for network access. VPNs don’t manage, vault, or verify credentials, so password protection depends on your third parties keeping them safe.

Remote desktop solutions are becoming increasingly familiar with the increased prevalence of distributed workforces and more employees regularly working from home. It’s perfect for people who are either frequently on the go, work out of a home office, or are often out in the field and need access to their local desktop computer. RDP is encrypted by default with a higher level of encryption than VPN and requires no additional connection time.

Even if you have a virtual desktop, don’t store any type of critical data on a device, and then use it outside of a network that is not secure. That means downloading documents to your cellphone, then connecting to Starbucks’ free Wi-Fi to watch TikTok. Turn off the Bluetooth and Wi-Fi on your cell phone or laptop when you aren’t using them, a device that can still send wireless signals appeals to a hacker.

 

What Is a Credit Freeze?

If you don’t have a credit freeze on your business bank account, you are putting your business at further risk. A credit freeze, sometimes called a security freeze, locks down a credit file so that a lender cannot check your credit. This is a good thing, as criminals cannot open any new accounts using your name or your EIN…and if a lender can’t check your credit, they are unlikely to extend a line of credit.

Remember that you must request a credit freeze from each credit bureau, including Equifax, Experian, Innovis, and TransUnion. Remember you can always un-freeze your accounts whenever needed.

 

Keeping Your Passwords Safe and Protected

The most important thing you need to know about passwords is that there is no secure password. Some passwords are more secure than others, of course, but they can always be found. Passwords are extremely convenient for people who want to access your accounts.

Is a Password Manager a Good Idea?

It’s hard to keep track of all your passwords, so it’s tempting to reuse the same one across the board. However, if a hacker gets possession of your password, they’ll have free access to everything you have. Password managers, on the other hand, can simplify your life.

It’s unsurprising for us to be asked, “are password managers safe to use?” The answer is, the use of password managers is considered to be one of the most secure ways to protect your passwords. Password managers offer strong protection against cybercrime because of their encryptions. AES, the industry-standard protection used by the U.S. government to safeguard its sensitive data, is just one example.

 

Set Up Two Factor Authentication on All Accounts

Password authentication is when a user enters a unique ID and key compared to previously stored credentials. It is one of the quickest forms of security; you can set up your device to require some identification before letting someone access your phone. It can be in a passcode, PIN, password, fingerprint, or two-factor authentication (2FA) can be adopted as well.

An additional layer of protection is provided by 2FA, which ensures that the user is whom they say they are. Before gaining access to the account, the user must first provide their username and password. The second piece of information is then requested. Almost every major company and organization website utilizes some kind of two-step, or two-factor, identification.

 

Protecting Your Credit Cards

Many of us, especially in today’s world, use credit cards for not only our jobs but even our daily lives, and there are several things you can do to protect yourself from credit card fraud.

First, make sure to examine your business credit card statements often to see whether they include any unfamiliar or strange expenses. Check your credit card accounts weekly if you can. Check for both large and small charges. If the hackers want to make a large purchase, they might make a small purchase to ensure it goes through.

You can also set up “push” alerts on your company accounts to receive notifications via email or text when purchases are made. For example, you may receive a text any time purchase over $100 is made, or an email anytime there is an online credit card transaction.

Also, store your credit card numbers online at your peril. It’s safer to manually enter the digits every time you want to purchase than to auto-input via Google or Apple.

 

Final Words

Many businesses have already installed firewalls, spam filters, and anti-virus software in order to prevent any cybercriminals from breaking in, yet they are still concerned – and we don’t blame them. These preventions are worthless without a dedicated IT team to respond to malicious attacks and fix compromised devices. If you are worried about ransomware or cyber-attacks, bringing in an experienced team to help with the rise in threats can provide a level of service beyond what firms currently have and at a lower cost.

Outside teams like Protected Harbor bring years of actionable experience to strengthen an organization.

We will ensure that your organization is protected from outside threats with well-tested, proven, and integrated technology. Protected Harbor concentrates on six elements throughout the stack, uplink, firewall, switches, hosts, VMs configuration, and storage to safeguard our customers’ operations.

 

We are offering free cybersecurity assessments and IT audits to all companies that may be interested. You can sign up here:  Free Cybersecurity Assessment

 

How do You Prevent Another Uber-Style Breach

Uber blames contractors for the hack and links breach to Lapsus$ organization.

 

In the News

According to Uber, the hacker responsible for the breach last week is a member of the Lapsus$ extortion group, which has previously attacked Microsoft, Cisco, NVIDIA, Samsung, and Okta, among other well-known IT firms.

According to the company, the attacker conducted an MFA fatigue attack by flooding the contractor with two-factor authentication (2FA) login requests until one of them was approved using the stolen credentials of an Uber EXT contractor.

The usage of this social engineering technique has increased dramatically in recent attacks on well-known businesses worldwide, including Twitter, Robinhood, MailChimp, and Okta. Continue to read how do you prevent another uber-style breach?

 

What happened

The attacker gained privileged access to several tools, including G-Suite and Slack, by breaking into numerous other employee accounts, according to Uber’s updated statement.

“The attacker then modified Uber’s OpenDNS to display a graphic image to employees on some internal sites,” which was posted to a company-wide Slack channel many of you saw.

The business stated that it had not discovered proof that the threat actor could access production systems that hold sensitive user data, including financial and personal information (e.g., credit card numbers, user bank account info, personal health data, or trip history).

The FBI and the US Department of Justice assist the company’s investigation into the event.

 

Uber claims to have taken the following steps to stop similar approaches from being used in future breaches:

• Any employee accounts that were affected or might have been compromised were found, and we either disabled their access to the Uber systems or ordered a password reset.
• Many internal tools that were impacted or might have been impacted were disabled.
• We changed the keys on many of our internal systems, effectively resetting access.
• We restricted access to our source to stop further code additions.
• We asked users to re-authenticate to regain access to internal tools. Additionally, we are enhancing our multi-factor authentication (MFA) guidelines.

We could keep all of our public-facing Uber, Uber Eats, and Uber Freight services operational and running smoothly. Because we took down some internal tools, customer support operations were minimally impacted and are now back to normal. — Uber

 

Is there a solution?

MFA is not an antidote on its own, but security experts believe that any level of MFA is better than none. Uber is not the only business whose network has been penetrated despite using multi-factor authentication.

By luring an employee into submitting their credentials to a phishing page, they had set up, which the hackers then used to generate a push notification delivered to the employee’s smartphones, hackers hacked into Twitter’s network in 2020.

According to an inquiry by the state of New York, the employee acknowledged a prompt, allowing the hackers to enter. More recently, a social engineering attempt that conned a worker into giving up their log in information led to another hack of Mailchimp.

 

Instead of focusing on the highly inspected systems for security issues, all of these attacks use the limitations of multi-factor authentication, frequently by directly attacking the individuals using it.

Cloudflare is the only company targeted in a recent wave of cyberattacks that successfully prevented a network compromise because it employs hardware security keys, which cannot be phished.

Even though some employees “did fall for the phishing messages,” Cloudflare acknowledged in a blog post that its use of hardware security keys—which require employees to physically plug a USB device into their computers after entering their credentials—had prevented the attackers from accessing its network.

According to Cloudflare, the attack “targeted personnel and systems in a manner that we believe would make it probable that most firms would be compromised.

 

Experts Advice MFA

The gold standard of MFA security, security keys, are not without their limitations, not the least of which are the expense and maintenance of the keys. We spend much time debating the necessity of physical security keys for everyone.

However, Tobac noted that some firms still push for mandated SMS two-factor authentication or MFA prompts for internal access.

As Uber’s breach shows, MFA by randomly generated code or push notification is far from ideal. Still, according to Richard Luna, CEO of Protected Harbor, ” Putting the good before the perfect is not a good idea.” Minor adjustments over time have a significant impact.

One notable advance is MFA number matching, which makes social engineering attempts much more challenging by presenting a code on the user’s screen and requiring them to enter it into an app on their verified device. The notion is that, similar to a security key, the attacker would need both the target’s credentials and their confirmed device.

Microsoft, Okta, and Duo offer MFA number matching. However, as security expert Kevin Beaumont pointed out, Okta’s number matching service is wrapped in an expensive licensing tier, while Microsoft’s solution is still in preview. Uber uses Duo for MFA, but it is said that at the time of the incident, number matching was not being used.

According to Tobac, network defenders can also set alerts and restrictions on the number of push messages a user can receive. They can also begin by distributing security keys to a test group of users before expanding it every three months.

In reaction to the hack, Uber stated on Monday that it is strengthening its MFA standards. Uber may still have many questions to answer regarding how the hacker gained access to high-privilege credentials for the remaining vital systems of the company using just a contractor’s stolen password.

 

Bottom Line

Stay up to date with patches, upgrade your software, and apply the latest security fixes. Install an antivirus program and keep it up to date. Use a VPN to protect your traffic from being monitored and encrypted communication to protect your data from prying eyes.

Stay vigilant and aware of any trends or changes in the threat landscape, and react accordingly. Stay informed by reading best practices and security blogs and keeping up with the news to stay on top of all the latest threats.

Protected Harbor security experts recommend enabling multi-factor authentication, using encryption, and activating Identity and Access Management. These tools will help to maintain data integrity, protect private and confidential information, and keep your customers safe from identity theft and data breaches.

Identity and Access Management solutions allow you to delegate the right level of access to the right people, thereby limiting the risk of data breaches. Encryption is essential to protect data in transit and at rest. It is recommended to use TLS protocol for secure data transfer and a FIPS-certified cryptographic module for data at rest.

Get a free security IT Audit and Penetration Testing today from Protected Harbor. Contact us now!

Everything You Need to Know About API Security in 2022

 

The demand for Application Programming Interface (API) solutions continues to increase as enterprises adopt to digital transformation initiatives. APIs are a critical component of any software architecture, making them an essential and accessible feature in modern software development. We’ve already seen how the adoption of APIs can simplify the integration and communication between applications and systems. But, with this growing prominence comes increased risks—especially when it comes to security.

There are various security threats associated with APIs, including data tampering, data leakage, and reverse API endpoint access. In this post, we’ll cover everything you need to know about API security in 2022.

 

What is API Security?

Any best practice security that is applied to online Application Programming Interface’s (APIs), which are widely used in modern applications, is known as API security. Web API security covers API privacy and access control, as well as the detection and rectification of API attacks using reverse engineering and the use of API vulnerabilities as outlined within the OWASP API Security Top 10.

The client-side of an application (such as a mobile app or web app) communicates with the server-side of an application through an API, regardless of whether it is aimed at customers, staff, partners, or anyone else. Simply put, APIs make it simple for developers to create client-side applications. Furthermore, APIs enable microservice architectures.

APIs are often well documented or simple to reverse-engineer because they are frequently made available over public networks (accessible from anywhere). APIs are very vulnerable to Denial of Service (DDOS), making them desirable targets for criminals.

An attack can involve avoiding the client-side application in an effort to interfere with another user’s use of the application or to access confidential data. The goal of API security is to protect this application layer and to deal with any consequences of a bad hacker interacting directly with the API.

 

Why API Security Must Be a Top Priority?

The past few years have seen a rapid rise in API development, driven by the digital transformation and the crucial role that APIs play in both mobile apps and the Internet of Things (IoT). Due to this expansion, API security has become a major worry.

Gartner estimates that, “by 2022, API misuse will be the most-frequent attack vector resulting in data breaches for enterprise online applications,” based on their research for how to build an effective API security strategy. Gartner advises using, “a continuous approach to API security across the API development and delivery cycle, incorporating security [directly] into APIs,” in order to defend oneself against API attacks.

APIs require a focused approach to security and compliance because of the crucial role they play in digital transformation and the access to sensitive data and systems they offer.

 

What Does API Security Entail?

Since you are responsible for your own APIs, the focus of API security is to protect the APIs that you expose, either directly or indirectly. API security is less concerned with the APIs you use that are offered by other parties, but it is still a good idea to analyze outgoing API traffic whenever you can as it might provide useful insights.

It’s also crucial to remember that the practice of API security involves several teams and systems. API security tends to include identity-based security, monitoring/analytics, data security, and network security concepts like rate limitation and throttling.

Access Control	Rate Limiting
OAuth authorization/resource server	Rate Limits, quotas
Access rules definition and enforcement	Spike protection
Consent management and enforcement

 

Content Validation	Monitoring & Analytics
Input/output content validation	AI-based anomaly detection
Schema, pattern rules	API call sequence checks
Signature-based threat detection	Decoys
	Geo-fencing and geo-velocity checks

 

API Security for SOAP, REST and GraphQL

APIs are available in a multitude of form factors. An API’s design can occasionally have an impact on how security is applied to it. For instance, SOAP (Simple Object Access Protocol) Web Services (WS) was the prevalent form prior to the advent of web APIs . XML was widely used during the WS era of service-oriented architecture, which ran from 2000 to 2010, and a large range of formal security specifications were widely accepted under WS-Security/WS-*.

Digital signatures and sections of the XML message that are encrypted are used to implement the SOAP style of security at the message level. With its separation from the transport layer, it benefits from being portable across network protocols (e.g., switching from HTTP to JMS). However, this kind of message-level security is no longer widely used and is largely only found in legacy web services that have endured without changing.

Over the past ten years, Representational State Transfer (REST) has become the more common API security method. When the term, web API is used, REST is frequently taken for granted by default. Resources are identified by HTTP URIs in a way that is crucial to REST-style APIs. The predictable nature of REST APIs led to the development of access control approaches in which the URI (Resource Identification) being accessed, or at the very least its pattern, is linked to the rules that must be followed.

A combination of HTTP verb (GET/PUT/POST/DELETE) and HTTP URI patterns are frequently used to construct access control rules. Rules can be enforced without insight into and, more critically, without the capacity to comprehend the payload into these API transactions by determining which data is being accessed through the URI. This has proven useful, especially for middleware security solutions that implement access control rules independently of the web API implementations themselves by sitting in front of them (such as gateways) or serving as agents (e.g., service filters).

GraphQL is a developing open-source API standard project and yet another form of API style. Front-end developers enjoy GraphQL because it gives them the power to tailor their searches on what best suits their apps and context because they are no longer limited to a specific range of API methods and URI patterns. GraphQL is on its way to dominating web APIs because of this increased control and other advantages like non-breaking version updates and performance improvements.

Although both REST and GraphQL API formats will continue to coexist, GraphQL is becoming a more popular option. In fact, the infrastructure for web API access control is in danger of being disrupted due to its popularity. The key difference between GraphQL requests and the widely used REST pattern is that GraphQL requests do not specify the data being retrieved via the HTTP URI. Instead, GraphQL uses its own query language, which is often included in an HTTP POST body, to identify the data requested.

All resources in a GraphQL API can be accessed using a single URI, such as /graphql. Infrastructure and access control mechanisms for web APIs are frequently not built for this kind of API traffic. It is increasingly likely that the access control rules for GraphQL will need to access the structured data in the API payloads and be able to interpret this structured data for access control. It should go without saying that API providers must decide which strategy would work best for each new set of needs.

 

API Security for Cloud, On-premises, and Hybrid Deployments

API providers can now secure APIs in a variety of ways thanks to the technological advancements of cloud services, API gateways, and integration platforms. Your choice of technology stack will have an impact on how secure your APIs are. For instance, many divisions within big businesses might create their own applications using unique APIs. Large firms also wind up with several API stacks or API silos as a result of mergers and acquisitions.

When all of your APIs are housed in a single silo, the technology used in that silo may be directly matched to the API security needs. These security configurations ought to be portable enough to be retrieved and mapped to different technology in the future for portability’s sake.

However, for diverse settings, API security-specific infrastructure that works across these API silos is often advantageous when establishing API security policies. Sidecars, sideband agents, and of course, APIs that are integrated across cloud and on-premises installations can all be used for this interaction between API silos and API security infrastructure.

 

Layers of API Security

The scope of API security is broad, as was previously described. To provide a high level of protection, there must be many levels, each focusing on a different aspect of API security.

 

API Discovery

What you don’t know about, you can’t secure. There are numerous barriers that restrict security personnel from having complete access to all APIs made available by their company. You have API silos first, which were covered in the section before. API silos reduce API visibility by having separate governance and incomplete lists of APIs.

The rogue or shadow API represents another barrier to API visibility. Shadow APIs occur when an API is created as a component of an application, but the API is only understood by a small set of developers and is regarded as an implementation detail. Security personnel is usually unaware of shadow APIs because they cannot see the implementation specifics.

Finally, APIs have a lifecycle of their own. An API changes with time, new versions appear, or an API may even be deprecated but still function for a short time for backward compatibility. After that, the API is forgotten about or eventually fades from view since it receives so little traffic.

API providers and hackers are competing to find new APIs since they can quickly exploit them. You can mine the metadata of your API traffic to find your APIs before attackers do. This information is gathered via API gateways, load balancers, or directly from network traffic and fed into a customized engine that generates a list of useful APIs that can be compared to API catalogs that are accessible through an API management layer.

 

OAuth and API Access Control

The user—and maybe the application that represents the user—must be identified to limit API resources to only the users who should be permitted access to them. This is often done by mandating that client-side applications include a token in their API calls to the service so that the service may validate the token and retrieve the user information from it. The OAuth standard outlines how a client-side application first acquires an access token. To support diverse processes and user experiences, OAuth specifies a wide range of grant types. These numerous OAuth processes are thoroughly described in this developer guide for additional information on OAuth 2.

It is possible to apply access control rules based on an incoming token. For instance, a rule can be used to decide if the user or application should be permitted to make this specific API call.

A policy enforcement layer must be able to apply these rules at runtime. The rules are defined and managed using policy definition tools. These guidelines consider the following qualities:

• The user’s identity and any associated attributes or claims
• The OAuth scopes for the application and the token’s associated application
• The information being accessed, or the query being made
• The user’s preferences for privacy

Processes and integration are needed in a heterogeneous environment to regulate access consistently across API silos.

 

API Data Governance and Privacy Enforcement

Data travels through APIs, therefore leaks can occur. Because of this, API security also must look at the structured data entering and leaving your APIs and impose specific rules at the data layer.

The enforcement of data security by examining API traffic is particularly well suited for this purpose since data is arranged in your API traffic in a predictable fashion. API data governance enables you to instantly redact data that is structured into your API traffic in addition to [yes/no] type rules. The practice of redacting particular fields that might include data that a user’s privacy settings specify should be kept secret from the requesting application is a typical illustration of this pattern. Since GraphQL does not identify resource IDs via URIs, applying data-level access control enables you to support it.

There are several advantages to separating privacy preference management and enforcement from GraphQL service development. Software created in-house has a high total cost of ownership and might be slow to change. Rarely do the interests of the Node.js developer and the person in charge of enforcing privacy laws overlap. However, giving business analysts and security architects their own tool to create this level of access control speeds up the digital transition. Additionally, by making GraphQL services and REST APIs more adaptable to changes in fine-grain data governance, this decoupling future-proofs the investment in both.

 

API Security to Be Continued

As we’ve explored, APIs are a critical pathway for data and functionality. With this growing importance, we’ve also seen the growing risk of security threats. Security, therefore, needs to be a top priority. We’ve now explored the different areas of API security, but what are the threats that API security is designed to mitigate?

We’ll be discussing this within part two of this article.

Cyberattacks Against Law Firms

What You Need to Know and How to Prevent Them

As the intensity of cyberattacks against businesses continues to rise, law firms have become one of the cyber criminals’ prime targets. Since law firms manage some of the most confidential data for their clients and have access to an extensive network of potential new clients, they have become far more vulnerable than other businesses.

In response to the increasing frequency and scope of cyberattacks against law firms, cybersecurity and managed services provider Protected Harbor has launched a new security awareness program titled, “Cyberattacks Against Law Firms and How to Prevent Them.”

The program consists of two resources: an e-book featuring the top law firm hacks throughout history as well as a whitepaper detailing the cyberattacks against law firms’ and what their trends and threats are. Both versions are free to download!

Now, we will discuss a little bit of background on cyberattacks against law firms and a few quick, various ways you can reduce your organization’s risk to getting attacked.

 

Background on Law Firms and Why They Are Such a Target

Poor cybersecurity is now one of the most significant hazards a legal business can encounter and is no longer only a concern for technology. Major law companies in the US have recently suffered catastrophic cybersecurity breaches that has cost them millions of dollars. Cybersecurity is not just the responsibility of the IT department, it’s instead something that must be covered within the company’s overall policies for utilizing technology within the business or in its services.

A lot goes into cybersecurity, and some businesses are too small to get the complete expertise of IT professionals. Due to the expenditures, medium and big businesses may put off planning for cyber-attacks or assume they won’t be affected which in turn is a huge mistake.

Until recently, law companies were seen as primarily analog in nature. The risk of a cyber breach was typically minimized by attorneys and staff manually tracking client and firm information. But, as businesses embrace innovation and clients want more technologically sophisticated communications and strategies, law firms have made the switch to a more technologically advanced environment and are now more vulnerable to cyberattacks than they were previously.

Law firms, in particular, are viewed as attractive targets for hackers, with numerous high-profile attacks being covered in the media. According to a recent study by the American Bar Association, more than 20% of law businesses reported being the target of a cyber-attack. This percentage was 35% among legal companies with roughly 10 to 49 attorneys. This means that more than a third of small law firms had experienced hacking in some shape or form.

These data breaches are concerning for reasons other than the victims’ embarrassment or the possibility of identity theft. A 2017 study found that the average cost of a data breach outside the US is around $3.6 million, or $141 per record. The amount is considerably larger in the United States at $7.3 million, not to be surpassed.

The consequences of a data breach go beyond the loss of individual details. Trust in the compromised institution can be destroyed by a single breach, a fate which many practices cannot recover. In reality, “almost 60% of [small businesses] forced to cease operations after a cyber assault never reopen for business,” according to a Forbes article.

 

6 Tips to Protect Your Law Firm Against Cyberattacks

1. Improve Your Security Culture
2. Implement Basic Cybersecurity Measures
3. Encrypting Sensitive Data
4. Proactive Security
5. Securing Network with Firewalls
6. Keeping Antivirus Updated is a Must

Download our e-book for free to read in detail the tips on how to protect your law firm and best practices.

 

Conclusion

You must have a plan before cyber criminals attack your law firm. After dealing with a data breach at your legal company, you want to be sure to take immediate action. Consider communications in particular when creating your plan. The best way to prevent your law firm from becoming the next cyberattack victim is to implement a cybersecurity program that includes preventative measures, detection, and response strategies. Instead of having a client accidentally learn the terrible news, the law firm must be the one to deliver it.

Download our e-book Cyberattacks Against Law Firms and How to Prevent Them, which we have created specifically for legal companies. Within this e-book, you will learn about the most common cyberattacks against law firms and how you can prevent them from happening to your company. We also give you access to our e-book library with our most requested titles.

Get started and download today!

The Biggest Data Risks and Cybersecurity Trends for Law Firms

 

In the digital age, law firms are operating within a high-risk environment. The number of cyber-attacks continues to rise, as do the associated costs. Recent studies suggest that, on average, small and medium-sized businesses spend more than $200 million annually on cyber security breaches.

These statistics show just how important it is for companies of all sizes to take cybersecurity seriously as well as highlight the risks involved in working with sensitive data. After all, no company wants their clients’ personal information to fall into the wrong hands.

We are excited to launch our 2022 Law Firm Data Breach Trend Report white paper. This report will be a compilation of data analysis from hundreds of law firms across the globe, as well as interviews with more than 100 partners and senior-level executives from the largest law firms in the US. We have learned a lot from these conversations and are excited to share our findings with you.

Download the white paper for free today!

 

Protecting Client Data:

The Biggest Challenge for Law Firms

Protecting client data is a top concern for law firms of all sizes. While most firms are diligent in protecting sensitive data and complying with local, state, and federal regulations, some are not.

After being asked to identify their most significant challenges when it comes to safeguarding client data, 58% of law firms cited, “managing the sheer volume of data,” and, “ensuring data is secure,” as their primary concern. These findings make sense if we consider that, on average, law firms store more than 5,000 gigabytes of data. The large volumes of data makes it difficult for law firms to constantly comply with the most up-to-date security protocols.

 

Top Threats

Your client’s data is constantly in danger from simple breaches, such as those resulting from a stolen laptop to even more extensive hacking schemes.

Here are a few actions you’re probably doing now that can endanger your clients most sensitive information.

• 

  Skipping Assessments – To help prevent a data breach, an annual inventory should be taken to understand what devices and data you have, where they are located, and who has access to them. It’s also essential to conduct a security and risk assessment. How vulnerable is your information? What would the ramifications be if it was stolen?

• Understaffed and Underfunded IT Departments – A majority of IT departments are usually very understaffed and overburdened with day-to-day work. This leaves little time for them to improve their security infrastructure, as they always react rather than improve.
• Lack of Employee Security Training – Analysts claim that non-malicious attacks are the most common security breach that law organizations face. Unfortunately, many legal companies have failed to adequately train their employees on IT security basics.
• Cloud Migration & Apps – Your business needs to make sure it has a good strategy when it comes time to migrate, including fundamentals like access control and governance, API integrations, and continuous monitoring.

 

Recent Law Firm Breaches

New York City’s Law Department (July 2021)

Grubman Shire Meiselas & Sacks (May 2020)

Vierra Magen Marcus (May 2020)

Mossack Fonseca (April 2016)

 

Top Cybersecurity Trends for 2022

Use Password Authenticator – Password authentication is a method in which a user enters a unique ID and key compared to previously stored credentials. It is one of the quickest forms of security; you can set up your device to require some identification before letting someone access it. This can be done using a passcode, PIN, password, fingerprint, or a 2-factor authentication (2FA).

Use Effective EDR – Using effective EDR (Endpoint Detection and Response) tools can help you improve the security of your network by aggregating data on endpoints, including process execution, endpoint communication, and user logins.

Move to a Virtual Server – Moving to a virtual server is essential as it has many benefits that address the security concerns law firms face. These benefits include getting the ability to prioritize critical traffic and improving network agility while reducing the burden from the IT department.

Isolated Backups – A remote or isolated backup is stored separately from other backups and is inaccessible from the end-user layer. Creating a remote backup helps to reduce security breaches, especially ransomware attacks.

Know Your Network Map – Understanding the network map is critical to complying with data privacy regulations as it provides an overview of devices and data on your network. This overview is crucial in identifying and minimizing the attack surface of a system. It will also uncover devices that IT staff may not know are there—for instance, an old, decommissioned server.

Timely Software Updates – It sounds simple, but vulnerabilities caused by outdated software are a significant problem. Keeping all the software up to date is essential for better performance. It also helps discourage potential cybercriminals who like to take advantage of previously-found weaknesses in software.

Data Encryption – In 2022, law firms must use encryption methods for systems, data in the cloud, data at rest, and data in transit to protect their files. Hard drives, USB devices, and phones should also use encryption if they are holding sensitive data

To read the cybersecurity trends for 2022 in detail, download our free white paper today.

 

Conclusion

By 2023, 80% of law firms will have experienced a data breach, according to research from LexisNexis. Given the rising number of cyber-attacks law firms face, it is necessary to take cybersecurity seriously. Law firms can better protect their sensitive data against these cyber threats by investing in the latest security technologies.

Protecting sensitive client data is essential for all law firms.

Stay on top of the latest trends and best practices for data security by downloading our white paper today! We highlight what law firms should be doing to protect their data and prevent a breach from ever happening. Protected Harbor also has other resources to prevent a law firm data breach, which you can access free from our digital library.

Keep in touch for more tips on how to keep your company safe from cybercriminals.